Freeradius-Users Digest, Vol 49, Issue 93

Marco De Magistris marco.de.magistris at ericsson.com
Wed May 20 15:18:25 CEST 2009


>What does that mean? IP of the original NAS packet? 

I have 2 interfaces towards the network.

____________________________________________________________________________
Radius Client    -->  Radius Proxy
192.168.1.2      192.168.1.3  192.168.14.3  --> IPS1(192.168.14.4)
                              192.168.24.3  --> IPS2(192.168.24.4)  
____________________________________________________________________________

Steps:
	1)Radius Client  ---> Send packet with NAS-IP-Address = 192.168.1.2 	towards Radius Proxy.
	2)Radius Proxy changes NAS-IP-Address with 192.168.14.3 for IPS1(or  	192.168.24.3 for IPS2) and sends it.
      

You say that changing NAS-IP-Address the packet is transmitted correctly. Right?

 From 192.168.14.3  to  IPS1(192.168.14.4)  if NAS-IP-Address = 192.168.14.3
 From 192.168.24.3  to  IPS1(192.168.24.4)  if NAS-IP-Address = 192.168.24.3
            
> That's in internal attribute Packet-Src-IP-Address.

Should I modify this attribute or FreeRadius associates Packet-Src-IP-Address = NAS-IP-Address.

Thanks again
Marco


-----Original Message-----
From: freeradius-users-bounces+marco.de.magistris=ericsson.com at lists.freeradius.org [mailto:freeradius-users-bounces+marco.de.magistris=ericsson.com at lists.freeradius.org] On Behalf Of freeradius-users-request at lists.freeradius.org
Sent: mercoledì 20 maggio 2009 14.12
To: freeradius-users at lists.freeradius.org
Subject: Freeradius-Users Digest, Vol 49, Issue 93

Send Freeradius-Users mailing list submissions to
	freeradius-users at lists.freeradius.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.freeradius.org/mailman/listinfo/freeradius-users
or, via email, send a message with subject or body 'help' to
	freeradius-users-request at lists.freeradius.org

You can reach the person managing the list at
	freeradius-users-owner at lists.freeradius.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Freeradius-Users digest..."


Today's Topics:

   1. RE: Freeradius-Users Digest, Vol 49, Issue 89 (Ivan Kalik)
   2. Re: Long attribute name (Alan DeKok)
   3. Sql Counter reads only the first 4 digits
      (Mauro Iorio - Smart Soft s.r.l.)
   4. Re: question about windows users (Bartosz Chodzinski)
   5. Re: Sql Counter reads only the first 4 digits (Alan DeKok)


----------------------------------------------------------------------

Message: 1
Date: Wed, 20 May 2009 12:44:28 +0100 (BST)
From: "Ivan Kalik" <tnt at kalik.net>
Subject: RE: Freeradius-Users Digest, Vol 49, Issue 89
To: "FreeRadius users mailing list"
	<freeradius-users at lists.freeradius.org>
Message-ID:
	<41583.194.176.105.44.1242819868.squirrel at webmail.kalik.net>
Content-Type: text/plain;charset=utf-8

> The problem is the following:
>
>    The customers ask me if possible send them the packets from an
> interface defined.


What does that mean? IP of the original NAS packet? That's in internal
attribute Packet-Src-IP-Address.

> My Radius proxy listen on an IP address (i.e. 192.168.1.3) for
> authentication packet and forwarding them towards two different networks
> (i.e. 192.168.14.4(Customer1) and 192.168.24.4(Customer2))


Ivan Kalik
Kalik Informatika ISP



------------------------------

Message: 2
Date: Wed, 20 May 2009 13:50:35 +0200
From: Alan DeKok <aland at deployingradius.com>
Subject: Re: Long attribute name
To: FreeRadius users mailing list
	<freeradius-users at lists.freeradius.org>
Message-ID: <4A13EE8B.1000301 at deployingradius.com>
Content-Type: text/plain; charset=ISO-8859-1

Ming-Ching Tiew wrote:
> 
> I know it's almost trivial to go an alter the table column size, but for users convenience, the sql attribute length should be increased. Currently the schema.sql which comes with the distribution is varchar(32). One of the motorola wimax attributes is 39 characters, Motorola-WiMAX-Maximum-Commit-Bandwidth. And I notice the mysql silently truncate the inserted string.

  That's reasonable.

  Alan DeKok.


------------------------------

Message: 3
Date: Wed, 20 May 2009 13:58:32 +0200
From: "Mauro Iorio - Smart Soft s.r.l." <m.iorio at smartsoft.it>
Subject: Sql Counter reads only the first 4 digits
To: "'FreeRadius users mailing list'"
	<freeradius-users at lists.freeradius.org>
Message-ID: <370DA20735BC482C80A4249BF39468B5 at zuccherino>
Content-Type: text/plain; charset="us-ascii"

Hi all,

 

I've a strange problem with sql counter on freeradius both 1.1.7 and 2.1.5
versions.

Actually executing 

 

SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='mauro' 

 

from SQL Server Management Studio gives me 294841 (Yes, that's a lot of
seconds, is a test user)

while the output of radiusd -X (ver 2.1.5) is:

 

------------------------------------

 

rlm_sqlcounter: Entering module authorize code

sqlcounter_expand:  'SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='%{

User-Name}''

[sessioncounter]        expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE U

serName='%{User-Name}' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserNam

e='mauro'

sqlcounter_expand:  '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserNa

me='mauro'}'

[sessioncounter] sql_xlat

[sessioncounter]        expand: %{User-Name} -> mauro

[sessioncounter] sql_set_user escaped user --> 'mauro'

[sessioncounter]        expand: SELECT SUM(AcctSessionTime) FROM radacct
WHERE U

serName='mauro' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE
UserName='maur

o'

[sessioncounter]        expand: /usr/var/log/radius/sqltrace.sql ->
/usr/var/log

/radius/sqltrace.sql

rlm_sql (sql): Reserving sql socket id: 3

query:  SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='mauro'

[sessioncounter] sql_xlat finished

rlm_sql (sql): Released sql socket id: 3

[sessioncounter]        expand: %{sql:SELECT SUM(AcctSessionTime) FROM
radacct W

HERE UserName='mauro'} -> 2948

rlm_sqlcounter: Check item is greater than query result

rlm_sqlcounter: Authorized user mauro, check_item=3600, counter=2948

rlm_sqlcounter: Sent Reply-Item for user mauro, Type=Session-Timeout,
value=652

++[sessioncounter] returns ok

 

------------------------------------

 

That's' totally wrong since 294841 is much bigger than 3600 and not
smaller... And this happens with users from different groups and with
different SUM(AcctSessionTime). *Every* time SUM(AcctSessionTime) is bigger
than 9999 it looses the fifth digit of the response, better it looses every
digits after the fourth!!!

 

What's wrong??? I'd appreciate any help or ideas. 

This happens on two different Slackware 12.1 and 12.2 machines both with
freeradius 1.1.7 and a Slackware 12.2 with freeradius 2.1.5

 

Mauro Iorio.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20090520/49af6da1/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Ing. Mauro Iorio (m.iorio at smartsoft.it).vcf
Type: text/x-vcard
Size: 439 bytes
Desc: not available
Url : <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20090520/49af6da1/attachment.vcf>

------------------------------

Message: 4
Date: Wed, 20 May 2009 14:09:48 +0200
From: Bartosz Chodzinski <bartosz.c at gmail.com>
Subject: Re: question about windows users
To: FreeRadius users mailing list
	<freeradius-users at lists.freeradius.org>
Message-ID:
	<1f06c2db0905200509t38153a3et961ab52581386deb at mail.gmail.com>
Content-Type: text/plain; charset="iso-8859-1"

>> The steps you took show that you are NOT following the guide.
>>  Good luck.  You clearly are *not* interested in solving the problem.

the guide in radiusd.conf says:
#The server has proxying turned on by default.  If your system is NOT
#  set up to proxy requests to another server, then you can turn proxying
#  off here.  This will save a small amount of resources on the server.
I tried to read carefully with undrestanding, I dont use proxy, my system
not sending request to another server, so I turned it off.


On Wed, May 20, 2009 at 1:35 PM, Alan DeKok <aland at deployingradius.com>wrote:

> Bartosz Chodzinski wrote:
> > back to the begining
> > and using the most simple conf.
> ...
> > now I have clear configuration and make simply changes
> >
> > changes:
> > radiusd.conf
> > proxy_requests  = no #was yes, set to no cause I dont need it
>
>   The guide didn't say to do that.
>
> ...
> > I still have a problem - described in prvious post
>
>   The steps you took show that you are NOT following the guide.
>
>  Good luck.  You clearly are *not* interested in solving the problem.
>
>  Alan DeKok.
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freeradius.org/pipermail/freeradius-users/attachments/20090520/46013b08/attachment.html>

------------------------------

Message: 5
Date: Wed, 20 May 2009 14:11:54 +0200
From: Alan DeKok <aland at deployingradius.com>
Subject: Re: Sql Counter reads only the first 4 digits
To: FreeRadius users mailing list
	<freeradius-users at lists.freeradius.org>
Message-ID: <4A13F38A.2000002 at deployingradius.com>
Content-Type: text/plain; charset=UTF-8

Mauro Iorio - Smart Soft s.r.l. wrote:
> I?ve a strange problem with sql counter on freeradius both 1.1.7 and
> 2.1.5 versions.
> 
> Actually executing
>
> SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='mauro'

  What happens when you replace that SELECT statement with a hard-coded
number, like 123456?  Does it still truncate the result?

  Alan DeKok.


------------------------------

-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


End of Freeradius-Users Digest, Vol 49, Issue 93
************************************************




More information about the Freeradius-Users mailing list